Vulnerabilities in VMware products: update immediately
www.kyberturvallisuuskeskus.fi/fi/haavoittuvuuksia-vmwaren-tuotteissa-paivita-heti VMware has released updates that should be installed immediately. The vulnerabilities allow, for example, remote command execution and arbitrary code execution. The critical vulnerability CVE-2021-21972 affects the VMware vCenter Server management platform and allows remote command execution. The published severe vulnerability CVE-2021-21974 concerns a buffer overflow in ESXi OpenSLP.
Google funds Linux maintainers to boost Linux kernel security
www.bleepingcomputer.com/news/security/google-funds-linux-maintainers-to-boost-linux-kernel-security/ Together with the Linux Foundation, Google announced today that they would fund two Linux kernel developers’ efforts as full-time maintainers exclusively focused on improving Linux security.
CISA Releases Joint Cybersecurity Advisory on Exploitation of Accellion File Transfer Appliance
us-cert.cisa.gov/ncas/current-activity/2021/02/24/cisa-releases-joint-cybersecurity-advisory-exploitation-accellion The cybersecurity authorities of Australia, New Zealand, Singapore, the United Kingdom, and the United States have released Joint Cybersecurity Advisory AA21-055A: Exploitation of Accellion File Transfer Appliance.
LazyScripter: From Empire to double RAT
blog.malwarebytes.com/malwarebytes-news/2021/02/lazyscripter-from-empire-to-double-rat/ Malwarebytes’ Threat Intelligence analysts are continually researching and monitoring active malware campaigns and actor groups as the prevalence and sophistication of targeted attacks rapidly evolves. In this paper, we introduce a new APT group we have named LazyScripter, presenting in-depth analysis of the tactics, techniques, procedures, and infrastructure employed by this actor group. Also:
NASA and the FAA were also breached by the SolarWinds hackers
www.bleepingcomputer.com/news/security/nasa-and-the-faa-were-also-breached-by-the-solarwinds-hackers/ NASA and the US Federal Aviation Administration (FAA) have also been compromised by the nation-state hackers behind the SolarWinds supply-chain attack, according to a Washington Post report. The two attacks are part of a broader espionage effort targeting and compromising multiple US government agencies over the last year.
Hackers Tied to Russia’s GRU Targeted the US Grid for Years, Researchers Warn
www.wired.com/story/russia-gru-hackers-us-grid/ A Sandworm-adjacent group has successfully breached US critical infrastructure a handful of times, according to new findings from the security firm Dragos. On Wednesday, industrial cybersecurity firm Dragos published its annual report on the state of industrial control systems security, which names four new foreign hacker groups focused on those critical infrastructure systems. Three of those newly named groups have targeted industrial control systems in the US, according to Dragos.
Online Trackers Increasingly Switching to Invasive CNAME Cloaking Technique
thehackernews.com/2021/02/online-trackers-increasingly-switching.html With browser makers steadily clamping down on third-party tracking, advertising technology companies are increasingly embracing a DNS technique to evade such defenses, thereby posing a threat to web security and privacy.
Heavily used Node.js package has a code injection vulnerability
www.bleepingcomputer.com/news/security/heavily-used-nodejs-package-has-a-code-injection-vulnerability/ A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the “systeminformation” npm component which gets about 800,000 weekly downloads and has scored close to 34 million downloads to date since its inception.
Vietnamese Activists Targeted by Notorious Hacking Group
www.amnestyusa.org/reports/vietnamese-activists-targeted-by-notorious-hacking-group/ Hacking group Ocean Lotus, which has been suspected of having links with the Vietnamese government, is behind a sustained campaign of spyware attacks on the country’s human rights activists, a new investigation by Amnesty Tech reveals, underscoring an intensifying assault on freedom of expression. Also: